package com.aaa.springboot.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;

import java.io.PrintWriter;
import java.util.HashMap;
import java.util.Map;

@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // 测试 基于内存的数据

    //@Override
    //@Bean
    //protected UserDetailsService userDetailsService() {
    //
    //    InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
    //
    //    manager.createUser(User.withUsername("admin").password("admin").authorities("p1").build());
    //
    //    return manager;
    //
    //}

    // 密码比对器

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new   BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // 关闭 csrf的安全防护
        http.csrf().disable();
        http.csrf().disable()
                .authorizeRequests()
                .antMatchers("/login.html","/register.html","/register").permitAll()
                .antMatchers("/index.html").hasAnyAuthority("p1","p3")
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login.html")
                .loginProcessingUrl("/login")
                .successHandler((request, response, authentication) -> {
                    Map<String, Object> map = new HashMap<String, Object>();
                    map.put("code", 200);
                    map.put("message", "登录成功");
                    map.put("data", authentication);
                    response.setContentType("application/json;charset=utf-8");
                    PrintWriter out = response.getWriter();
                    ObjectMapper objectMapper = new ObjectMapper();
                    String string = objectMapper.writeValueAsString(map);
                    out.write(string);
                    out.flush();
                    out.close();
                }).failureHandler((request, response, exception) -> {
                    response.setContentType("application/json;charset=utf-8");
                    Map<String, Object> map = new HashMap<String, Object>();
                    map.put("code", 450);
                    map.put("message", "用户名或密码错误");
                    map.put("data", exception.getMessage());
                    PrintWriter out = response.getWriter();
                    ObjectMapper objectMapper = new ObjectMapper();
                    String string = objectMapper.writeValueAsString(map);
                    out.write(string);
                    out.flush();
                    out.close();
                }).permitAll();

    }

}
